QuintessenceLabs has announced the release of a new software daemon that directly addresses a common performance and security problem. qRand monitors entropy in systems, identifies when they are “entropy starved,” and delivers high-speed full entropy whenever it’s needed.
Initially for use in Linux systems, qRand supplements entropy for special like /dev/random that provide randomness when requested. Indeed, /dev/random (and similar) only succeed when enough entropy is available, otherwise they “block,” degrading performance.
Some applications counter this with “nonblocking” pseudorandom number generators, but this is a risky method that could lead to vulnerabilities, making systems easier security targets.
qRand monitors the level of entropy delivered by /dev/random. When the system’s entropy falls below a specified lower bound, qRand assists with entropy sourced from a qStream quantum random number generator (QRNG) to augment the entropy pool. This enables applications to generate and use high-quality cryptographic keys without additional steps.
“qRand was originally developed to meet the need of one of our customers, but the QuintessenceLabs team quickly realized it had much broader benefits,” explained John Leiseboer, QuintessenceLabs CTO. “Many organizations rely on VMs or other environments where normal entropy gathering does not yield as much as is needed. qRand solves this security issue without any changes to the applications themselves.”
qStream is QuintessenceLabs’ quantum random number generator that delivers full-entropy, unpredictable random numbers by sampling quantum tunneling effects, at the world leading rate of 1 Gbit/sec. qStream is available as a standalone device or as part of the qCrypt 350R and qCrypt 350TSF network security appliances.
Presently, QuintessenceLabs has developed qRand for Linux systems, including those running Ubuntu and RHEL. qRand is available now as part of a qCrypt or qStream deployment, for new or existing QuintessenceLabs customers.